城市(city): Johannesburg
省份(region): Gauteng
国家(country): South Africa
运营商(isp): LanDynamix
主机名(hostname): unknown
机构(organization): LANDYNAMIX
使用类型(Usage Type): Commercial
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Sep 10 15:55:26 hosting sshd[21337]: Invalid user dev from 154.73.75.99 port 55049 ... |
2019-09-10 23:55:18 |
| attackbotsspam | (sshd) Failed SSH login from 154.73.75.99 (-): 5 in the last 3600 secs |
2019-09-08 05:21:12 |
| attackspam | Sep 6 15:35:10 eddieflores sshd\[13203\]: Invalid user csgoserver from 154.73.75.99 Sep 6 15:35:10 eddieflores sshd\[13203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Sep 6 15:35:12 eddieflores sshd\[13203\]: Failed password for invalid user csgoserver from 154.73.75.99 port 28267 ssh2 Sep 6 15:41:26 eddieflores sshd\[13853\]: Invalid user www from 154.73.75.99 Sep 6 15:41:26 eddieflores sshd\[13853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 |
2019-09-07 09:53:47 |
| attack | Sep 6 09:33:35 aiointranet sshd\[23779\]: Invalid user testing from 154.73.75.99 Sep 6 09:33:35 aiointranet sshd\[23779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Sep 6 09:33:37 aiointranet sshd\[23779\]: Failed password for invalid user testing from 154.73.75.99 port 6358 ssh2 Sep 6 09:39:54 aiointranet sshd\[24330\]: Invalid user uftp from 154.73.75.99 Sep 6 09:39:54 aiointranet sshd\[24330\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 |
2019-09-07 03:40:38 |
| attackspam | Sep 3 03:38:24 ny01 sshd[3298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Sep 3 03:38:25 ny01 sshd[3298]: Failed password for invalid user bk from 154.73.75.99 port 59608 ssh2 Sep 3 03:43:56 ny01 sshd[4216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 |
2019-09-03 15:51:17 |
| attackbots | $f2bV_matches |
2019-09-02 10:32:38 |
| attackbots | leo_www |
2019-08-29 14:08:17 |
| attack | Aug 25 02:41:38 bouncer sshd\[26832\]: Invalid user user from 154.73.75.99 port 51253 Aug 25 02:41:38 bouncer sshd\[26832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Aug 25 02:41:41 bouncer sshd\[26832\]: Failed password for invalid user user from 154.73.75.99 port 51253 ssh2 ... |
2019-08-25 09:14:57 |
| attackbots | SSH Brute-Force reported by Fail2Ban |
2019-08-22 23:28:06 |
| attackspam | Aug 20 02:14:22 nextcloud sshd\[8063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=nagios Aug 20 02:14:24 nextcloud sshd\[8063\]: Failed password for nagios from 154.73.75.99 port 24627 ssh2 Aug 20 02:20:34 nextcloud sshd\[15864\]: Invalid user guest from 154.73.75.99 Aug 20 02:20:34 nextcloud sshd\[15864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 ... |
2019-08-20 08:28:00 |
| attack | $f2bV_matches |
2019-08-13 21:52:59 |
| attackspambots | 2019-08-12T15:01:33.525410abusebot-7.cloudsearch.cf sshd\[27961\]: Invalid user magic from 154.73.75.99 port 52024 |
2019-08-12 23:12:30 |
| attackspambots | Repeated brute force against a port |
2019-08-01 13:39:36 |
| attack | Jul 31 15:37:52 vps200512 sshd\[29689\]: Invalid user postgres from 154.73.75.99 Jul 31 15:37:52 vps200512 sshd\[29689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 31 15:37:53 vps200512 sshd\[29689\]: Failed password for invalid user postgres from 154.73.75.99 port 14790 ssh2 Jul 31 15:43:48 vps200512 sshd\[29826\]: Invalid user admin from 154.73.75.99 Jul 31 15:43:48 vps200512 sshd\[29826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 |
2019-08-01 03:47:30 |
| attack | Jul 26 21:42:11 home sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 26 21:42:14 home sshd[31049]: Failed password for root from 154.73.75.99 port 46626 ssh2 Jul 26 22:00:36 home sshd[31068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 26 22:00:38 home sshd[31068]: Failed password for root from 154.73.75.99 port 63581 ssh2 Jul 26 22:06:32 home sshd[31073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 26 22:06:33 home sshd[31073]: Failed password for root from 154.73.75.99 port 23455 ssh2 Jul 26 22:21:40 home sshd[31106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 26 22:21:42 home sshd[31106]: Failed password for root from 154.73.75.99 port 62849 ssh2 Jul 26 22:28:10 home sshd[31116]: pam_unix(sshd:auth): authenticatio |
2019-07-27 20:43:48 |
| attackspam | Jul 17 13:41:56 vtv3 sshd\[10981\]: Invalid user kevin from 154.73.75.99 port 16621 Jul 17 13:41:56 vtv3 sshd\[10981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 17 13:41:58 vtv3 sshd\[10981\]: Failed password for invalid user kevin from 154.73.75.99 port 16621 ssh2 Jul 17 13:48:23 vtv3 sshd\[14421\]: Invalid user pilot from 154.73.75.99 port 17845 Jul 17 13:48:23 vtv3 sshd\[14421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 17 14:01:45 vtv3 sshd\[21329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 17 14:01:47 vtv3 sshd\[21329\]: Failed password for root from 154.73.75.99 port 37397 ssh2 Jul 17 14:08:21 vtv3 sshd\[24728\]: Invalid user jboss from 154.73.75.99 port 28914 Jul 17 14:08:21 vtv3 sshd\[24728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75. |
2019-07-18 11:56:48 |
| attack | Jul 17 13:41:56 vtv3 sshd\[10981\]: Invalid user kevin from 154.73.75.99 port 16621 Jul 17 13:41:56 vtv3 sshd\[10981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 17 13:41:58 vtv3 sshd\[10981\]: Failed password for invalid user kevin from 154.73.75.99 port 16621 ssh2 Jul 17 13:48:23 vtv3 sshd\[14421\]: Invalid user pilot from 154.73.75.99 port 17845 Jul 17 13:48:23 vtv3 sshd\[14421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 17 14:01:45 vtv3 sshd\[21329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 user=root Jul 17 14:01:47 vtv3 sshd\[21329\]: Failed password for root from 154.73.75.99 port 37397 ssh2 Jul 17 14:08:21 vtv3 sshd\[24728\]: Invalid user jboss from 154.73.75.99 port 28914 Jul 17 14:08:21 vtv3 sshd\[24728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75. |
2019-07-18 04:51:16 |
| attack | SSH invalid-user multiple login try |
2019-07-11 08:03:02 |
| attack | Jul 7 16:27:31 dev sshd\[7362\]: Invalid user odoo from 154.73.75.99 port 59175 Jul 7 16:27:31 dev sshd\[7362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 ... |
2019-07-07 23:40:01 |
| attackbots | Jul 7 11:33:18 Ubuntu-1404-trusty-64-minimal sshd\[5555\]: Invalid user co from 154.73.75.99 Jul 7 11:33:18 Ubuntu-1404-trusty-64-minimal sshd\[5555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 Jul 7 11:33:20 Ubuntu-1404-trusty-64-minimal sshd\[5555\]: Failed password for invalid user co from 154.73.75.99 port 7421 ssh2 Jul 7 11:39:01 Ubuntu-1404-trusty-64-minimal sshd\[7810\]: Invalid user test from 154.73.75.99 Jul 7 11:39:01 Ubuntu-1404-trusty-64-minimal sshd\[7810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 |
2019-07-07 19:06:28 |
| attackbots | Jul 1 11:50:00 host sshd\[58479\]: Invalid user airadmin from 154.73.75.99 port 42720 Jul 1 11:50:00 host sshd\[58479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.75.99 ... |
2019-07-01 18:28:02 |
| attackspam | web-1 [ssh] SSH Attack |
2019-06-30 03:29:54 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.73.75.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32993
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.73.75.99. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 03:29:48 CST 2019
;; MSG SIZE rcvd: 116
Host 99.75.73.154.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 99.75.73.154.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 125.25.197.66 | attack | Unauthorized connection attempt from IP address 125.25.197.66 on Port 445(SMB) |
2020-09-02 00:23:00 |
| 49.88.112.68 | attack | Sep 1 12:10:57 firewall sshd[17751]: Failed password for root from 49.88.112.68 port 36455 ssh2 Sep 1 12:10:59 firewall sshd[17751]: Failed password for root from 49.88.112.68 port 36455 ssh2 Sep 1 12:11:01 firewall sshd[17751]: Failed password for root from 49.88.112.68 port 36455 ssh2 ... |
2020-09-02 00:53:04 |
| 119.86.182.229 | attack | Spammer |
2020-09-02 00:30:58 |
| 193.228.91.11 | attack | Sep 1 18:23:41 ns1 sshd[89761]: Did not receive identification string from 193.228.91.11 port 52714 Sep 1 18:23:46 ns1 sshd[89762]: Unable to negotiate with 193.228.91.11 port 53770: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 1 18:24:17 ns1 sshd[89766]: Unable to negotiate with 193.228.91.11 port 37930: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 1 18:24:47 ns1 sshd[89768]: Unable to negotiate with 193.228.91.11 port 50286: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 1 18:25:16 ns1 sshd[89772]: Unable to negotiate with 193.228.91.11 port 34408: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchan ... |
2020-09-02 00:36:31 |
| 79.170.40.168 | attackspambots | Brute Force |
2020-09-02 00:44:56 |
| 212.98.190.106 | attack | Sep 1 14:31:50 vmd26974 sshd[20057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.98.190.106 Sep 1 14:31:53 vmd26974 sshd[20057]: Failed password for invalid user admin from 212.98.190.106 port 52026 ssh2 ... |
2020-09-01 23:57:33 |
| 106.12.5.137 | attack | Sep 1 14:41:17 rocket sshd[32407]: Failed password for root from 106.12.5.137 port 39360 ssh2 Sep 1 14:46:17 rocket sshd[687]: Failed password for root from 106.12.5.137 port 36804 ssh2 ... |
2020-09-02 00:42:42 |
| 62.176.2.87 | attack | Unauthorized connection attempt from IP address 62.176.2.87 on Port 445(SMB) |
2020-09-02 00:01:51 |
| 195.206.105.217 | attackbotsspam | 2020-09-01T16:40:12.202182vps1033 sshd[12730]: Failed password for root from 195.206.105.217 port 56828 ssh2 2020-09-01T16:40:13.938662vps1033 sshd[12730]: Failed password for root from 195.206.105.217 port 56828 ssh2 2020-09-01T16:40:15.927255vps1033 sshd[12730]: Failed password for root from 195.206.105.217 port 56828 ssh2 2020-09-01T16:40:18.178158vps1033 sshd[12730]: Failed password for root from 195.206.105.217 port 56828 ssh2 2020-09-01T16:40:20.333496vps1033 sshd[12730]: Failed password for root from 195.206.105.217 port 56828 ssh2 ... |
2020-09-02 00:40:43 |
| 47.30.139.255 | attack | 1598963504 - 09/01/2020 14:31:44 Host: 47.30.139.255/47.30.139.255 Port: 445 TCP Blocked ... |
2020-09-02 00:08:27 |
| 189.188.98.234 | attackspambots | Unauthorized connection attempt from IP address 189.188.98.234 on Port 445(SMB) |
2020-09-02 00:24:56 |
| 46.254.24.104 | attackbots | Unauthorized connection attempt from IP address 46.254.24.104 on Port 445(SMB) |
2020-09-02 00:17:04 |
| 177.87.10.58 | attack | Unauthorized connection attempt from IP address 177.87.10.58 on Port 445(SMB) |
2020-09-02 00:14:11 |
| 161.35.126.137 | attackspam | SSH brutforce |
2020-09-02 00:22:00 |
| 40.84.139.252 | attack | SQL Injection Attempts |
2020-09-02 00:54:04 |